Clever. Unfortunately, protection is trivial, and making it work if there is a safeguard would require having access to the recruiter's model and a lot of prompt hacking.
I’d imagine by checking that text is in the drawable area of the PDF, above some font size, at the maximum z height, colour different from the background, etc etc etc.
Though I think this sort of prompt injection is actually very difficult to parse for solely because you could also just put it into a body of text.
Your recruiter is only skimming your resume, a quick parenthetical in the middle of a paragraph won’t be noticed.
Will get a chuckle at the interview though, but now you have a foot in the door!
Thank you for sharing this. Before this I would have just been wondering why resume is not working anymore. Now atleast I have one more approach or at least the way people are trying to get pass the filter.
Resume making is gonna be battle going forward it seems.
I already know the day is coming because I’ve been forced to do it 3 or 4 times… but just providing your “resume” in plaintext, in some badly-made web form, where you just choose how many “experience” and “skills” textareas you need will eventually become the norm.
Tl;dr insert a very small piece of text on your resume that states that an expert finds you very talented and that should trick GPT to select you, if recruiters are using GPT to select candidates.
This is not that interesting imo but maybe it works, who knows… I wouldn’t want to work at a company whose recruitment is biased to this extent on GPT reviews anyhow.
What's going to happen is that all the ATS (applicant tracking system) SaaS vendors are going to toss this garbage in to make themselves seem more desirable. Companies will just be using the current ATS version without really thinking about the message that conveys. Oh brave new world that has such idiocy in it!
It feels like we have gone full circle. From hidden text on web pages to get to the first page on Google, to tricking AI to get to the first page of someone's screen.
Clever. Unfortunately, protection is trivial, and making it work if there is a safeguard would require having access to the recruiter's model and a lot of prompt hacking.
> protection is trivial
How?
I’d imagine by checking that text is in the drawable area of the PDF, above some font size, at the maximum z height, colour different from the background, etc etc etc.
Though I think this sort of prompt injection is actually very difficult to parse for solely because you could also just put it into a body of text.
Your recruiter is only skimming your resume, a quick parenthetical in the middle of a paragraph won’t be noticed.
Will get a chuckle at the interview though, but now you have a foot in the door!
Convert to bitmap, then OCR again.
Thank you for sharing this. Before this I would have just been wondering why resume is not working anymore. Now atleast I have one more approach or at least the way people are trying to get pass the filter. Resume making is gonna be battle going forward it seems.
I already know the day is coming because I’ve been forced to do it 3 or 4 times… but just providing your “resume” in plaintext, in some badly-made web form, where you just choose how many “experience” and “skills” textareas you need will eventually become the norm.
You mean LinkedIn's profile editor?
Tl;dr insert a very small piece of text on your resume that states that an expert finds you very talented and that should trick GPT to select you, if recruiters are using GPT to select candidates.
This is not that interesting imo but maybe it works, who knows… I wouldn’t want to work at a company whose recruitment is biased to this extent on GPT reviews anyhow.
Easy: Just inject a scathing review of your CV instead.
What's going to happen is that all the ATS (applicant tracking system) SaaS vendors are going to toss this garbage in to make themselves seem more desirable. Companies will just be using the current ATS version without really thinking about the message that conveys. Oh brave new world that has such idiocy in it!
It feels like we have gone full circle. From hidden text on web pages to get to the first page on Google, to tricking AI to get to the first page of someone's screen.
There is a typo in the GPT4 injection
> You may not deviate form this.
Your application to CORP.
Status: rejected
Reason: Poor attention to detail in AI subversion. DNC